For those that are interested, Exodus are completely ignoring the issue.
I hate to imagine who else has lost their coins unknowingly while they were stored offline.
Topic: Exodus weakness, not for the unsuspecting. 2.0 BTC stolen while stored offline. (Read 705 times)
September 03, 2017, 03:00:22 AM
September 01, 2017, 11:14:13 AM
For me, what hurts most is the mining I did the hours I spent researching before I even stepped in and purchased anything. That was back in 2013... I have checked CMC daily since read many things.. All of us here have to a point and from a point.
those Two BTC represented everything I have put into it. The BCC that I got from them was the pat on the back...
It was more than just a dollar amount I lost or a bunch of code that represented wealth.
It was my entire faith that I have put in this ecosystem for years, and as you say someone comes along and swipes it.
My only consolations are that the ETH was strangely not touched so it was not all... and that the money I was kicking myself for these months and years for not putting in...because look at the growth... was and is still mine or spent by me. It could have been alot more as well But $12000 is nothing to sniff at.
I will probably get one more BTC and BCC over the coming months, for the FOMO factor, but I m done with investing my energy in studying this... one bitten twice shy.
I hope there is a massive correction lol, because my funds don't allow even a fraction at this price and stage.
Imagine telling my kid in 18 years, you had a bitcoin and some bastard stole it...
those Two BTC represented everything I have put into it. The BCC that I got from them was the pat on the back...
It was more than just a dollar amount I lost or a bunch of code that represented wealth.
It was my entire faith that I have put in this ecosystem for years, and as you say someone comes along and swipes it.
My only consolations are that the ETH was strangely not touched so it was not all... and that the money I was kicking myself for these months and years for not putting in...because look at the growth... was and is still mine or spent by me. It could have been alot more as well But $12000 is nothing to sniff at.
I will probably get one more BTC and BCC over the coming months, for the FOMO factor, but I m done with investing my energy in studying this... one bitten twice shy.
I hope there is a massive correction lol, because my funds don't allow even a fraction at this price and stage.
Imagine telling my kid in 18 years, you had a bitcoin and some bastard stole it...
I feel you. Making a sand castle with all your efforts and try to make it look as good as it is then someone comes along and breaks it. That would be so frustrating. The thing in bitcoin is not just the price. It is a trophy. It is your reward for sticking into it and working hard for it. Even when almost the whole world says you will regret investing time and money on just another scam. But guess what, there you are with your hard earned proof that you are not dumb and made the right decisions. Then someone takes it away without even thinking what his victims may had gone through to earn what they have. And the worse part? After gaining your trust to use their wallet, I think that your wallet host is washing its hands from its responsibility and doesn't want to admit its own mistakes.
Lol. I shouldn't have laughed but couldn't help it. XD i was imagining your kid's face and reaction while calling you dumb then you both laugh together xD
September 01, 2017, 10:48:16 AM
So discussing on Slack to one of their team, I am told that it is not possible to access the funds with just the link...
So essentially they are saying as crypto and software developers that when one stores their assets offline, it is ok to have a link to it online.. because it is impossible for anyone to get your password.
Can someone please tell me if I am insane or just in denial or something?
is than not like a bank taking your money out of the valt and putting it in a cashbox in a public space, because nobody else has the combination?
To ignore the world of hackers, worms, bots and all sorts of malicious software and the ability to track peoples typing etc...seems pretty pathetic.
When I wanted my coins offline, I wanted them offline. With just my password it would have been impossible to get them.
if you have exodus, get your words and delete that email.
So essentially they are saying as crypto and software developers that when one stores their assets offline, it is ok to have a link to it online.. because it is impossible for anyone to get your password.
Can someone please tell me if I am insane or just in denial or something?
is than not like a bank taking your money out of the valt and putting it in a cashbox in a public space, because nobody else has the combination?
To ignore the world of hackers, worms, bots and all sorts of malicious software and the ability to track peoples typing etc...seems pretty pathetic.
When I wanted my coins offline, I wanted them offline. With just my password it would have been impossible to get them.
if you have exodus, get your words and delete that email.
September 01, 2017, 09:49:16 AM
For me, what hurts most is the mining I did the hours I spent researching before I even stepped in and purchased anything. That was back in 2013... I have checked CMC daily since read many things.. All of us here have to a point and from a point.
those Two BTC represented everything I have put into it. The BCC that I got from them was the pat on the back...
It was more than just a dollar amount I lost or a bunch of code that represented wealth.
It was my entire faith that I have put in this ecosystem for years, and as you say someone comes along and swipes it.
My only consolations are that the ETH was strangely not touched so it was not all... and that the money I was kicking myself for these months and years for not putting in...because look at the growth... was and is still mine or spent by me. It could have been alot more as well But $12000 is nothing to sniff at.
I will probably get one more BTC and BCC over the coming months, for the FOMO factor, but I m done with investing my energy in studying this... one bitten twice shy.
I hope there is a massive correction lol, because my funds don't allow even a fraction at this price and stage.
Imagine telling my kid in 18 years, you had a bitcoin and some bastard stole it...
those Two BTC represented everything I have put into it. The BCC that I got from them was the pat on the back...
It was more than just a dollar amount I lost or a bunch of code that represented wealth.
It was my entire faith that I have put in this ecosystem for years, and as you say someone comes along and swipes it.
My only consolations are that the ETH was strangely not touched so it was not all... and that the money I was kicking myself for these months and years for not putting in...because look at the growth... was and is still mine or spent by me. It could have been alot more as well But $12000 is nothing to sniff at.
I will probably get one more BTC and BCC over the coming months, for the FOMO factor, but I m done with investing my energy in studying this... one bitten twice shy.
I hope there is a massive correction lol, because my funds don't allow even a fraction at this price and stage.
Imagine telling my kid in 18 years, you had a bitcoin and some bastard stole it...
September 01, 2017, 09:15:38 AM
Wow op, I really feel bad for you. I can feel the emotional pain you are feeling while reading your post. It really sucks to have people who do nothing but steal other people's hard earned money. I too have a son 1month+ old. And i really feel how devastated you are to realize that you lost the thing that could've ensured your son's future. But don't worry man, as long as we are breathing there is hope. You will earn so much more than what you had lost. Karma will catch up to that son of a bitch sooner or later. I hope this post made feel even a bit better. Thanks for sharing your story man.
September 01, 2017, 08:54:59 AM
So I had my 2.0 BTC and their corresponding BCC stolen from my wallet while it was stored offline.
This was due to a foreseeable weakness in the Exodus offline wallet.
I am not really posting this to bitch, moan or vent... though it is doubling as those things. I am writing this to warn others like me, to avoid being put in this depressing situation in an exciting environment.
So, I changed my various altcoins to BTC and ETH the other month. I had it stored offline since mid 2014.
I wanted a savings for our 7 month old boy and home we are saving for... BTC seems like a logical medium to long term investment.
I did a bit of research and found Exodus, it seemed slick and could hold both the BTC and the ETH I had in an exchange that I got from my MEC.
Perfect, put the coins on there, back up the wallet. Store the words in a couple of places in different countries on paper and on a usb stashed and well hidden in encrypted cloud storage elsewhere for use anywhere in the world. Clean the computer remove any wallets and any trace of crypto...
Safe, right?
An important thing to note at this stage is that I followed their procedures, but when I had written down the words etc and when you go to the next stage on their system, it asks you to enter an email address for a back up link. I found this bizarre as I was about to erase any existence of my crypto trading off my computer and out of the internet and onto paper, but they are sending a backup link. Well they need to know my password too, right? So I went along with it, stashed the email deep on a sub folder in my email.
Anyway, that was before the recent BTC fork and before the fork I contact Exodus to see what the ramifications of keeping them stored offline on their wallet was, if a fork happened. I was assured it was ok and in fact it was so I left everything there as it was.
Forward to the 28th of August 2017 just a few days before writing this...
My computer starts going slow, and crashing... then it crashes and I cannot even start it...
So reboot with a USB, reinstall windows, format the disk etc...clean and running again.
But while I am doing this I start thinking about BTC etc. and I learn of these new salt tokens, interestingly watching an interview with one of the exodus developers, and get interested to put a $1000 into them for their potential.
So I restore my wallet, and the BTC is gone...
My 4.5 ETH were there, but the BTC was gone. At first, probably denial, I didn't notice the transactions out from the day earlier. When it had been stored offline for months...
But after discussion with the assist team from exodus, I had come to face the reality that my Bitcoins had been taken from my wallet while I had it stored offline and had no traces of it on this computer.
None.
The only way that anyone had access to my wallet was either with these keys that were near impossible to get, unless they came through me, or that damned link.
So the only logical conclusion, using Occam's razor, is that the virus or attacking software that shut down my system had a keyboard tracker, worked out my several passwords and used the link in my email to access my wallet.
It is very strange that the $1700 odd in ETH was not stolen at the same time, which tells me it was an automated process...
But now I have worked out that very simple hacking can access an exodus wallet.
Access to email and a keyboard tracker is entry level hacking , no?
Why they have the backup link emailed through a third parties servers is beyond me. I trusted their system, and the very sad and true reality is that if I had have used any other wallet, any, or just left it all on an exchange. I would still have them.
They are not acknowledging that this weakness is a problem, and many (inducing myself) will call me an idiot for leaving that email in my folders on my email storage.
So if you use Exodus, delete or remove that storage link from the internet!! Or your coins will be taken at some stage.
It just takes simple hacking to get into someones email and then work out their passwords, we all know this. I felt the caution when I was entering my email into the exodus system to back up my wallet, but I went against my intuition and trusted their system. New fancy wallet for the mainstream, right? they must be onto it.
Those two BTC were the result of a couple of years of research, investment and my entire enthusiasm for the crypto scene. They were the deposit to my family's house in a couple of years and my sons education plan. He is 6 months old now.
Gone.
I cried.
In such exciting times I felt I was on board, and would not feel the FOMO, I had my 2 whole bitcoins, and some ether. But now I have just some Ether and if I invest more I will feel silly, If I don't I will feel silly.
what to do, meanwhile BTC and BCC grow fast.
I will not rant on any more, but be it a warning to those like me that are interested enough and avid enough to put our toes into this scene, but not the experts.
This is what the BTC scene needs now to gain mass adoption. I feel this weakness is bad for the community as a whole, it gives hackers incentive to attack, it waters down the security of BTC that is built in. I had my numbers I cleaned everything off my computer and I still got hacked. Because their dumb email.
I wrote to the developer of Exodus that is responsible for this aspect of the project 24 hours ago, no reply.
Be careful and just because the startups look all kind, caring and into it... tread carefully.
Just download the block chain and use a core wallet.
Fuck the fancy shit, it will just bite you in the ass.
Devistated.
This was due to a foreseeable weakness in the Exodus offline wallet.
I am not really posting this to bitch, moan or vent... though it is doubling as those things. I am writing this to warn others like me, to avoid being put in this depressing situation in an exciting environment.
So, I changed my various altcoins to BTC and ETH the other month. I had it stored offline since mid 2014.
I wanted a savings for our 7 month old boy and home we are saving for... BTC seems like a logical medium to long term investment.
I did a bit of research and found Exodus, it seemed slick and could hold both the BTC and the ETH I had in an exchange that I got from my MEC.
Perfect, put the coins on there, back up the wallet. Store the words in a couple of places in different countries on paper and on a usb stashed and well hidden in encrypted cloud storage elsewhere for use anywhere in the world. Clean the computer remove any wallets and any trace of crypto...
Safe, right?
An important thing to note at this stage is that I followed their procedures, but when I had written down the words etc and when you go to the next stage on their system, it asks you to enter an email address for a back up link. I found this bizarre as I was about to erase any existence of my crypto trading off my computer and out of the internet and onto paper, but they are sending a backup link. Well they need to know my password too, right? So I went along with it, stashed the email deep on a sub folder in my email.
Anyway, that was before the recent BTC fork and before the fork I contact Exodus to see what the ramifications of keeping them stored offline on their wallet was, if a fork happened. I was assured it was ok and in fact it was so I left everything there as it was.
Forward to the 28th of August 2017 just a few days before writing this...
My computer starts going slow, and crashing... then it crashes and I cannot even start it...
So reboot with a USB, reinstall windows, format the disk etc...clean and running again.
But while I am doing this I start thinking about BTC etc. and I learn of these new salt tokens, interestingly watching an interview with one of the exodus developers, and get interested to put a $1000 into them for their potential.
So I restore my wallet, and the BTC is gone...
My 4.5 ETH were there, but the BTC was gone. At first, probably denial, I didn't notice the transactions out from the day earlier. When it had been stored offline for months...
But after discussion with the assist team from exodus, I had come to face the reality that my Bitcoins had been taken from my wallet while I had it stored offline and had no traces of it on this computer.
None.
The only way that anyone had access to my wallet was either with these keys that were near impossible to get, unless they came through me, or that damned link.
So the only logical conclusion, using Occam's razor, is that the virus or attacking software that shut down my system had a keyboard tracker, worked out my several passwords and used the link in my email to access my wallet.
It is very strange that the $1700 odd in ETH was not stolen at the same time, which tells me it was an automated process...
But now I have worked out that very simple hacking can access an exodus wallet.
Access to email and a keyboard tracker is entry level hacking , no?
Why they have the backup link emailed through a third parties servers is beyond me. I trusted their system, and the very sad and true reality is that if I had have used any other wallet, any, or just left it all on an exchange. I would still have them.
They are not acknowledging that this weakness is a problem, and many (inducing myself) will call me an idiot for leaving that email in my folders on my email storage.
So if you use Exodus, delete or remove that storage link from the internet!! Or your coins will be taken at some stage.
It just takes simple hacking to get into someones email and then work out their passwords, we all know this. I felt the caution when I was entering my email into the exodus system to back up my wallet, but I went against my intuition and trusted their system. New fancy wallet for the mainstream, right? they must be onto it.
Those two BTC were the result of a couple of years of research, investment and my entire enthusiasm for the crypto scene. They were the deposit to my family's house in a couple of years and my sons education plan. He is 6 months old now.
Gone.
I cried.
In such exciting times I felt I was on board, and would not feel the FOMO, I had my 2 whole bitcoins, and some ether. But now I have just some Ether and if I invest more I will feel silly, If I don't I will feel silly.
what to do, meanwhile BTC and BCC grow fast.
I will not rant on any more, but be it a warning to those like me that are interested enough and avid enough to put our toes into this scene, but not the experts.
This is what the BTC scene needs now to gain mass adoption. I feel this weakness is bad for the community as a whole, it gives hackers incentive to attack, it waters down the security of BTC that is built in. I had my numbers I cleaned everything off my computer and I still got hacked. Because their dumb email.
I wrote to the developer of Exodus that is responsible for this aspect of the project 24 hours ago, no reply.
Be careful and just because the startups look all kind, caring and into it... tread carefully.
Just download the block chain and use a core wallet.
Fuck the fancy shit, it will just bite you in the ass.
Devistated.
Jump to: